Posts from the ‘cryptography’ Category

Whilst on holiday I was challenged by a friend (mikemeat) to create an enigma in python. Here is what I wrote:

# -*- coding: utf-8 -*-
from random import shuffle,randint,choice
from copy import copy
alphabet=range(0,26)
def shift(l, n): # Method to rotate arrays/cogs
return l[n:] + l[:n]
class cog: # Simple substitution cipher for each cog
def create(self):
self.transformation=copy(alphabet)
shuffle(self.transformation)
return
def passthrough(self,i):
return self.transformation[i]
def passthroughrev(self,i):
return self.transformation.index(i)
def rotate(self):
self.transformation=shift(self.transformation, 1)
def setcog(self,a):
self.transformation=a
class enigma: # Enigma class
def __init__(self, nocogs,printspecialchars):
self.printspecialchars=printspecialchars
self.nocogs=nocogs
self.cogs=[]
self.oCogs=[] # Create backup of original cog positions for reset
for i in range(0,self.nocogs): # Create cogs
self.cogs.append(cog())
self.cogs[i].create()
self.oCogs.append(self.cogs[i].transformation)
# Create reflector
refabet=copy(alphabet)
self.reflector=copy(alphabet)
while len(refabet)>0:
a=choice(refabet)
refabet.remove(a)
b=choice(refabet)
refabet.remove(b)
self.reflector[a]=b
self.reflector[b]=a
def print_setup(self): # To print the enigma setup for debugging/replication
print "Enigma Setup:\nCogs: ",self.nocogs,"\nCog arrangement:"
for i in range(0,self.nocogs):
print self.cogs[i].transformation
print "Reflector arrangement:\n",self.reflector,"\n"
def reset(self):
for i in range(0,self.nocogs):
self.cogs[i].setcog(self.oCogs[i])
def encode(self,text):
ln=0
ciphertext=""
for l in text.lower():
num=ord(l)%97
if (num>25 or num<0):
if (self.printspecialchars): # readability
ciphertext+=l
else:
pass # security
else:
ln+=1
for i in range(0,self.nocogs): # Move thru cogs forward...
num=self.cogs[i].passthrough(num)
num=self.reflector[num] # Pass thru reflector
for i in range(0,self.nocogs): # Move back thru cogs...
num=self.cogs[self.nocogs-i-1].passthroughrev(num)
ciphertext+=""+chr(97+num) # add encrypted letter to ciphertext
for i in range(0,self.nocogs): # Rotate cogs...
if ( ln % ((i*6)+1) == 0 ): # in a ticker clock style
self.cogs[i].rotate()
return ciphertext
plaintext="""The most common arrangement used a ratchet and pawl mechanism.
Each rotor had a ratchet with 26 teeth and, every time a key was pressed, each
of the pawls corresponding to a particular rotor would move forward in unison,
trying to engage with a ratchet, thus stepping the attached rotor once. A thin
metal ring attached to each rotor upon which the pawl rode normally prevented
this. As this ring rotated with its rotor, a notch machined into it would
eventually align itself with the pawl, allowing it to drop into position, engage
with the ratchet, and advance the rotor. The first rotor, having no previous
rotor (and therefore no notched ring controlling a pawl), stepped with every
key press. The five basic rotors (I–V) had one notch each, while the additional
naval rotors VI, VII and VIII had two notches. The position of the notch on each
rotor was determined by the letter ring which could be adjusted in relation to
the core containing the interconnections. The points on the rings at which they
caused the next wheel to move were as follows"""
x=enigma(4,True)
#x.print_setup()
print "Plaintext:\n"+plaintext+"\n"
ciphertext=x.encode(plaintext)
print "Ciphertext:\n"+ciphertext+"\n"
# To proove that encoding and decoding are symmetrical
# we reset the enigma to starting conditions and enter
# the ciphertext, and get out the plaintext
x.reset()
plaintext=x.encode(ciphertext)
print "Plaintext:\n"+plaintext+"\n"

Feel free to tear it apart and show me how much better/easier it could have been!

Update: it’s currently quite difficult to get hold of bitcoins in the UK but localbitcoins works.

If your already aware of the awesomeness of public key cryptography (e.g. PGP or OTR), then you will probably appreciate Bitcoins.

You send coins by typing in someone’s address and how many coins to send and then your transaction will propagate around the p2p network. You receive coins in the same way by giving someone your address. In order to track transactions you can also make more addresses (and labels for them) which can also add to anonymity. Bitcoins are currently worth $0.0201 per bc (source)

Bitcoin program running

Generating Bitcoins
You can opt to generate solutions to a specific crypotgraphic problem in exchange for bitcoins, by doing so your computer’s idle CPU will be used to solve this problem and when a solution is found you will be rewarded with some bitcoins, yay. There is also talk of speeding up the generation by using CUDA or similar tools here

5 Free Bitcoins
You can get 5 free bitcoins to start off your adventure into this new currency fromhere. This is a donation from somebody who wants to ensure that this currency is sucessful and as such this is a token of good faith and should not be exploited. You can also donate bitcoins to the fund to help this project.

I continually placed a bet (free play mode) on red, and for over 40 rounds it came up black, this has a probability of (20/7)^40 or 0.000000000708%. As unfair as this was then game then started getting worse constantly resulting in 0, however it would say “31 black odd” and in the side bar of past numbers “un” kept appearing which I guess means unknown.

I also tested a few of the slot machines to see if they were rigged too, and surely enough each rotation of the slots resulted in the exact same result every time, which was of course a losing one.

This bitcoin casino is rigged, buggy and not worth wasting your time with, it is much easier to lose money in other ways.

Conclusion
Bitcoin is an awesome idea and hopefully it will catch on and become sucessful, however be sure to avoid bitcasino! Also if anyone would like to donate some bitcoins then please send them to: 12Qxwa4d8s7bYHWVvNLkQZAVkJZrz8ReKB

Recently a friend (who will remain unnamed for obvious reasons) asked me to penetration test a website he created. I found a very simple exploit where I could upload an avatar but the file was not checked to ensure it was an image, so I uploaded a php script I wrote an began exploring the server. I printed out all of the usernames, passwords and salts from the database to see how many of the 1,109 passwords could be easily cracked.

The passwords were stored as MD5 hashes with a random 6 character alphanumeric salt. To create the MD5 hash of the password the salt was prefixed to the password and then the combination was hashed. Thanks to this method we can employ a simple bruteforce/dictionary attack on the passwords. I will start with the wordlists creation, then results I obtained to keep your interest, and finally show my python code.

Creating wordlists
I already has two reasnoble sized dictionaries that I use for different things like wordcube. I used john the ripper on my double sized dictionary to create lots of common permutations on words, such as captial first letter, and a number affixed to the end. To do this you run john with the following parameters, where dic.txt is the input dictionary and dic_plus_rules.txt is the output from john with all of the additions it has made.

john –wordlist=dic.txt –rules –stdout > dic_plus_rules.txt

I also download two wordlists from openwall, one which is a list of ~3100 common passwords, and one labelled ALL that has a large amount of words (~4 million) in various languages. Because of the highly compressible nature of text the files are available in small gzip files. ALL is 11.5Mb which unzips to 41.4Mb and password 12kb which unzips to 21.8kb. There are also more wordlists avaliable for different languages, but the ALL file includes these.

The size of all of the wordlists I used is shown below:

Dictionary

Combinations

English

42,987

Double-English

80,368

Double+john-rules

3,986,706

Openwall Common Passwords

3,158

Openwall ALL

3,917,116

Results

Dictionary

Cracked

Percentage

Time

English

60

5.41%

80s

Double-English

65

5.86%

170s

Double+john-rules

116

10.46%

2.5hrs (8393s)

Openwall Common Passwords

112

10.10%

7s

Openwall All

210

18.94%

2.45hrs (8829s)

Total Passwords Obtained

254

22.90%

~5hrs

Comical passwords

Here are some of the more amusingly bad passwords, the number in brackets shows the frequency of the password.

Add multi-threading: My experience with multi-threading in python is that it doesn't work well for cpu intensive tasks, if you know otherwise please let me know.

Have a look at PyCUDA to see if I can use my graphics card to speed up the code significantly (another type of mutli-threading really...) without having to change language like in my previous post of CUDA MD5 cracking

Do you want to crack MD5 hashes in at a rate of ~300MHash/s without a massive rainbow table? Do you have a CUDA enabled GFX card? If you said yes or maybe to these questions then read on for a brief introduction on how to compile and run a CUDA accelerated MD5 cracker (coded by Benjamin “Titan” Vernoux ).

Pre-Requisites and Downloading

Own a CUDA enabled GFX card, if you have a NVIDIA graphics card from the past year or so this is most likely the case.

What now?
Well you can crack MD5’s at an extremely accelerated rate, so enjoy doing so responsibly (let your morals guide you :P). You could also explore the source code and make additions as you see fit, I am planning on modifying it to allow an extra parameter so that prefixes can be added if you already know how the password starts. This can be the case when someone has prefixed the password with a known salt.

Cryptograms are enjoyable puzzles created from a saying or phrase encrypted with a substitutional cipher. They can be fun to decipher by hand by looking for common letter combinations, doublets, guesswork, and other flaws in this encryption mechanism.

I wrote a quick python script which will accept an input text and create a random substitutional cipher and encrypt it. It then outputs the cipher alphabet and the encrypted text.

As you may or may not be aware some printers add extra information in order for the printer to be identified (primarily for counterfeiting case I believe). With colour laser printers this can be in the form of a small array of yellow dots printed onto you paper. Yellow dots are hardly visible to the naked eye, however if you are close enough and get the light at the right angle you can see them. If you have some blue leds or a blue light available this can make it much easier to see the dots (as the yellow dots will absorb the blue and look black).

Unfortunately I my camera isn’t good enough quality and it doesn’t have a macro lens or feature so I can only show images at both extremes. Below are images captured with my microscope, you don’t have to look very far around the page, as the clusters are littered all over the page.

Microscope image of a few yellow dots on paper printed with dell 1320c

Microscope image of a two yellow dots (max zoom)

The Electronic frontier foundation have more information about the dots and have setup an address you can send a print test page to in order for them to build up a public defence case. Perhaps criminals will end up printing with yellow backgrounds to combat this method?

Due to the simple nature of the Caesar cipher, it could easily be brute forced by trying all possible 25 keys and then looking by eye to see if the plaintext was revealed (this too can be automated by checking for common English words to see if the solution was probable). However the much more elegant method of frequency analysis can be used.

This code will calculate the error in statistical frequency for each letter squared to generate an error for each possible rotation. Using a sufficiently long piece of ciphertext this code should accurately reveal the Caesar rotation use. The table below shows the error for each rotation:

Rotation

Error

0

4.11797847386

1

3.05305477067

2

3.70059678828

3

3.66330931218

4

3.5078619579

5

0.361318100755

6

3.17289666386

7

3.66072641654

8

3.39769855873

9

1.74854802027

10

2.92550921273

11

2.67524757297

12

2.86847189573

13

3.06980318397

14

2.56886153328

15

2.17180117031

16

2.24503724763

17

2.95579718798

18

1.74002183444

19

1.83328601011

20

1.74779021766

21

2.71332097813

22

1.5409364067

23

1.83209213494

24

1.54904808883

The lowest error is for 5 rotations (correctly so) with an error of 0.361318100755, the next lowest error is 22 rotations with an error of 1.5409364067. This is ~4.3x difference, which gives a very large degree of confidence to our solution and below is the deciphered text.

there are two types of encryption: one that will prevent your sister from reading your diary and one that will prevent your government. this is a very important lesson to remeberespecially for attacks using frequency analysis which require longer passage of text in order to achieve better results.

Future
The frequency analysis presented here can be used along with some other techniques in order to crack the viginere cipher.

SUBSTITUTION
Key: &fywQ.%!lmx_sRGu:{-r},BH16zUb#L?N`e7C ~9t)oW^=;h0
Plaintext: The wheels on the bus go round and round. round and round.round and round. The wheels on the bus go round and round, all through the town!
Cipertext: O!Q)q!QQ_
Decoded : The wheels on the bus go round and round. round and round.round and round. The wheels on the bus go round and round, all through the town!

CAESAR SHIFT
Key: 5
Plaintext: The wheels on the bus go round and round. round and round.round and round. The wheels on the bus go round and round, all through the town!
Cipertext: Ymj`2mjjqx`ts`ymj`gzx`lt`wtzsi`fsi`wtzsi@`wtzsi`fsi`wtzsi@wtzsi`fsi`wtzsi@`Ymj`2mjjqx`ts`ymj`gzx`lt`wtzsi`fsi`wtzsi$`fqq`ymwtzlm`ymj`yt2s&
Decoded : The wheels on the bus go round and round. round and round.round and round. The wheels on the bus go round and round, all through the town!

This post builds upon the Caesar shift presented previously; converting it to a full substitution cipher. The substitution cipher will practically remove bruteforce style methods of defeating the encryption and provide a basis for more complicated ciphers.

Subsitution Cipher
Because a Caesar shift only rotates the alphabet there are only 25 possible unique solutions, this leaves the cipher quite vulnerable to brute force. If rather than just rotating the alphabet and keeping it ‘linear’ we can shuffle it to create a substitution cipher. This improves the number of possible solutions to a shocking
(26! – 1) = 4.03291461126605635584e26 (unfortunatly, the substitution cipher is alot weaker than it seems as it is vunerable to several different cryptanalysis attacks).

Substitution Cipher Diagram

We start with the simple Caesar shift function with the following changes:

A new array is introduced filled with the numbers 0 – the length of the alphabet. This array is shuffled using shuffle from the random module. The alphabet substitution dictionary is created using this array to decide which letters go where (this is probably clearer in the code than in my explanation).

With the Caesar shift we only needed to know the number of rotations in order to decrypt the text, now we need a full list of the letter substitutions. This is stored as the key and will be needed in order to decode our substitution cipher.

We also now store the alphabet outside of the function so that it can be used in a decode function. This function was added along with some example usage to make the full process more understandable

from random import shuffle
alphabet="abcdefghijklmnopqrstuvwxyz"
def substitution(alphabet,plaintext):
# Create array to use to randomise alphabet position
randarray=range(0,len(alphabet))
shuffle(randarray)
key=""
#Create our substitution dictionary
dic={}
for i in range(0,len(alphabet)):
key+=alphabet[randarray[i]]
dic[alphabet[i]]=alphabet[randarray[i]]
#Convert each letter of plaintext to the corrsponding
#encrypted letter in our dictionary creating the cryptext
ciphertext=""
for l in plaintext:
if l in dic:
l=dic[l]
ciphertext+=l
for i in alphabet:
print i,
print
for i in key:
print i,
print
return ciphertext,key
# This function decodes the ciphertext using the key and creating
# the reverse of the dictionary created in substitution to retrieve
# the plaintext again
def decode(alphabet,ciphertext,key):
dic={}
for i in range(0,len(key)):
dic[key[i]]=alphabet[i]
plaintext=""
for l in ciphertext:
if l in dic:
l=dic[l]
plaintext+=l
return plaintext
# Example useage
plaintext="the cat sat on the mat"
ciphertext,key=substitution(plaintext)
print "Key: ", key
print "Plaintext:", plaintext
print "Cipertext:", ciphertext
print "Decoded :", decode(ciphertext,key)

Running this will output the following (This will be different on each run due to the use of random to generate the key).

We increase the number of possible solutions from (26!-1) to (63!-1) which is 1.98260831540444006412e87. This also has the added benefit of making the encrypted text alot cooler and harder to guess at by eye (unfortunately still very easy to see what character represents space).

Key: MXjAarLzWqFePI7E botO5f1kym29RZd3Sh8JTiQGKVDp6YBCsU4nucNgwlx0vH
Plaintext: this plaintext will be much more of a challenge to decode compared to the Caesar shift cipher
Cipertext: tzWoHEeMWIta1tHfWeeHXaHPOjzHP7baH7rHMHjzMeeaILaHt7HAaj7AaHj7PEMbaAHt7HtzaHjMaoMbHozWrtHjWEzab
Decoded : this plaintext will be much more of a challenge to decode compared to the caesar shift cipher

Future
The substitution cipher is a lot more secure than Caesar shift cipher but unfortunately is very insecure towards frequency analysis. In future posts I will address using frequency analysis and methods to prevent this type of attack as well as improving on this cipher by creating multiple-dicitionary based ciphers to create Vigenère style ciphers.

I imagine most people reading this will enjoy the simple challenge of solving some encrypted text. I have used this code to make some ciphertext, try and decode it! (extra points for knowing where it is from):

This post aims to detail the creation (in python) of one of the simplest forms of encryption; the simple Caesar shift (or shift cipher). The Caesar shift takes the normal alphabet and maps it to a an identical alphabet with a rotation. The cipher will be written in such a way that it can be easily expanded on to create more complex encryption schemes with little modification.

Caesar shift alphabet diagram

The above image shows a diagrammatic representation of a Caesar shift of 3 (alphabet transposed onto a rotation of itself with a displacement of 3). Below shows the entire alphabet in plaintext and in ciphertext, followed by a simple sentence in plaintext and in cipher text.

Plaintext:

abcdefghijklmnopqrstuvwxyz

Ciphertext:

defghijklmnopqrstuvwxyzabc

Plaintext:

the cat sat on the mat

Ciphertext:

wkh fdw vdw rq wkh pdw

Below is the code to convert plaintext into ciphertext along with an example of the usage:

Explanation
Here we have written a function that is given the plaintext and an arbitary rotation (including negative) and returns a ciphertext. The function creates a dictionary, mapping each letter to another letter that is ‘shift’ letters away from it in the alphabet (the modulus (%) is used so to wrap the alphabet back to the start if it falls off the end). It then converts each letter of the plain text into the corresponding encrypted letter using the dictionary.

Future
In the next post I will discuss methods to improve the Caesar shift and how to turn it into a full substitution cipher (where the alphabet is shuffled rather than rotated). The Caesar shift is very susceptible to brute forcing and frequency analysis which I shall explain and create a program to defeat these encryptions in a future post.